The Hacker News

145 Mastra npm Packages Compromised via Hijacked Contributor Account

Mastra npm packages added easy-day-js malware, exposing developer systems and CI runners to infostealer risks.
InfoQ

Ky 2.0 Fetch API Wrapper with Revamped Hooks, Smarter Timeouts, and Built-In Schema Validation

Ky 2.0 is an open-source JavaScript HTTP client built on the Fetch API, featuring significant updates such as consolidated ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Next Web

Henrique Schmaiske and the human work behind Meteor 3.0

Meteor CTO Henrique Schmaiske led the framework's largest release in over a decade, removing Fibers and migrating to async/await across 2,300 commits while keeping 500,000+ active installations stable ...
The Buffalo News

A software company set up shop in Buffalo with dreams of growth. The dream is coming true

The Belgian-based software company that set up shop in Buffalo as its East Coast headquarters in 2020 just keeps on growing ...
The Real Deal

NYC’s Top Developers 2025

This dataset ranks the top 20 most active developers in New York City. The Real Deal analyzed new building permits for projects 20,000 square feet and larger in Brooklyn, Manhattan and Queens issued ...